Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8891

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-8891
Last Modified 17 Mar 2015 10:03:15
Published 06 Mar 2015 06:59:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-8891

Summary

Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager.

Vulnerable Systems

Application

  • Ibm Java Sdk 5.0.16.8

  • Ibm Java Sdk 6.0.16.3

  • Ibm Java Sdk 6.1.8.2

  • Ibm Java Sdk 7.0.8.10

  • Ibm Java Sdk 7.1.2.10


References

CONFIRM - https://www-304.ibm.com/support/docview.wss?uid=swg21695474

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1189142

CONFIRM - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_February_2015

SUSE - SUSE-SU-2015:0343

SUSE - SUSE-SU-2015:0306

SUSE - SUSE-SU-2015:0304

SUSE - SUSE-SU-2015:0392

SUSE - SUSE-SU-2015:0376

SUSE - SUSE-SU-2015:0345

SUSE - SUSE-SU-2015:0344

REDHAT - RHSA-2015:0264

REDHAT - RHSA-2015:0136


Last Updated: 27 May 2016 11:08:02